+20030726
+ - (dtucker) [openbsd-compat/xcrypt.c] Fix typo: DISABLED_SHADOW ->
+ DISABLE_SHADOW. Fixes HP-UX compile error.
+
+20030724
+ - (bal) [auth-passwd.c openbsd-compat/Makefile.in openbsd-compat/xcrypt.c
+ openbsd-compat/xcrypt.h] Split off encryption into xcrypt() interface,
+ and isolate shadow password functions. Tested in Solaris, but should
+ not break other platforms too badly (except maybe HP =). Also brings
+ auth-passwd.c into full sync with OpenBSD tree.
+
+20030723
+ - (dtucker) [configure.ac] Back out change for bug #620.
+
+20030719
+ - (dtucker) [configure.ac] Bug #620: Define BROKEN_GETADDRINFO for
+ Solaris/x86. Patch from jrhett at isite.net.
+ - (dtucker) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2003/07/14 12:36:37
+ [sshd.c]
+ remove undocumented -V option. would be only useful if openssh is used
+ as ssh v1 server for ssh.com's ssh v2.
+ - markus@cvs.openbsd.org 2003/07/16 10:34:53
+ [ssh.c sshd.c]
+ don't exit on multiple -v or -d; ok deraadt@
+ - markus@cvs.openbsd.org 2003/07/16 10:36:28
+ [sshtty.c]
+ clear IUCLC in enter_raw_mode; from rob@pitman.co.za; ok deraadt@, fgs@
+ - deraadt@cvs.openbsd.org 2003/07/18 01:54:25
+ [scp.c]
+ userid is unsigned, but well, force it anyways; andrushock@korovino.net
+ - djm@cvs.openbsd.org 2003/07/19 00:45:53
+ [sftp-int.c]
+ fix sftp filename parsing for arguments with escaped quotes. bz #517;
+ ok markus
+ - djm@cvs.openbsd.org 2003/07/19 00:46:31
+ [regress/sftp-cmds.sh]
+ regress test for sftp arguments with escaped quotes; ok markus
+
+20030714
+ - (dtucker) [acconfig.h configure.ac port-aix.c] Older AIXes don't declare
+ loginfailed at all, so assume 3-arg loginfailed if not declared.
+ - (dtucker) [port-aix.h] Work around name collision on AIX for r_type by
+ undef'ing it.
+ - (dtucker) Bug #543: [configure.ac port-aix.c port-aix.h]
+ Call setauthdb() before loginfailed(), which may load password registry-
+ specific functions. Based on patch by cawlfiel at us.ibm.com.
+ - (dtucker) [port-aix.h] Fix prototypes.
+ - (dtucker) OpenBSD CVS Sync
+ - avsm@cvs.openbsd.org 2003/07/09 13:58:19
+ [key.c]
+ minor tweak: when generating the hex fingerprint, give strlcat the full
+ bound to the buffer, and add a comment below explaining why the
+ zero-termination is one less than the bound. markus@ ok
+ - markus@cvs.openbsd.org 2003/07/10 14:42:28
+ [packet.c]
+ the 2^(blocksize*2) rekeying limit is too expensive for 3DES,
+ blowfish, etc, so enforce a 1GB limit for small blocksizes.
+ - markus@cvs.openbsd.org 2003/07/10 20:05:55
+ [sftp.c]
+ sync usage with manpage, add missing -R
+
+20030708
+ - (dtucker) [acconfig.h auth-passwd.c configure.ac session.c port-aix.[ch]]
+ Include AIX headers for authentication functions and make calls match
+ prototypes. Test for and handle 3-arg and 4-arg variants of loginfailed.
+ - (dtucker) [session.c] Check return value of setpcred().
+ - (dtucker) [auth-passwd.c auth.c session.c sshd.c port-aix.c port-aix.h]
+ Convert aixloginmsg into platform-independant Buffer loginmsg.
+
+20030707
+ - (dtucker) [configure.ac] Bug #600: Check that getrusage is declared before
+ searching libraries for it. Fixes build errors on NCR MP-RAS.
+
+20030706
+ - (dtucker) [ssh-rand-helper.c loginrec.c]
+ Apply atomicio typing change to these too.
+
+20030703
+ - (dtucker) OpenBSD CVS Sync
+ - djm@cvs.openbsd.org 2003/06/28 07:48:10
+ [sshd.c]
+ report pidfile creation errors, based on patch from Roumen Petrov;
+ ok markus@
+ - deraadt@cvs.openbsd.org 2003/06/28 16:23:06
+ [atomicio.c atomicio.h authfd.c clientloop.c monitor_wrap.c msg.c
+ progressmeter.c scp.c sftp-client.c ssh-keyscan.c ssh.h sshconnect.c
+ sshd.c]
+ deal with typing of write vs read in atomicio
+ - markus@cvs.openbsd.org 2003/06/29 12:44:38
+ [sshconnect.c]
+ memset 0, not \0; andrushock@korovino.net
+ - markus@cvs.openbsd.org 2003/07/02 12:56:34
+ [channels.c]
+ deny dynamic forwarding with -R for v1, too; ok djm@
+ - markus@cvs.openbsd.org 2003/07/02 14:51:16
+ [channels.c ssh.1 ssh_config.5]
+ (re)add socks5 suppport to -D; ok djm@
+ now ssh(1) can act both as a socks 4 and socks 5 server and
+ dynamically forward ports.
+ - markus@cvs.openbsd.org 2003/07/02 20:37:48
+ [ssh.c]
+ convert hostkeyalias to lowercase, otherwise uppercase aliases will
+ not match at all; ok henning@
+ - markus@cvs.openbsd.org 2003/07/03 08:21:46
+ [regress/dynamic-forward.sh]
+ add socks5; speedup; reformat; based on patch from dtucker@zip.com.au
+ - markus@cvs.openbsd.org 2003/07/03 08:24:13
+ [regress/Makefile]
+ enable tests for dynamic fwd via socks (-D), uses nc(1)
+ - djm@cvs.openbsd.org 2003/07/03 08:09:06
+ [readconf.c readconf.h ssh-keysign.c ssh.c]
+ fix AddressFamily option in config file, from brent@graveland.net;
+ ok markus@
+
+20030630
+ - (djm) Search for support functions necessary to build our
+ getrrsetbyname() replacement. Patch from Roumen Petrov
+
+20030629
+ - (dtucker) [includes.h] Bug #602: move #include of netdb.h to after in.h
+ (fixes compiler warnings on Solaris 2.5.1).
+ - (dtucker) [configure.ac] Add sanity test after system-dependant compiler
+ flag modifications.
+
+20030628
+ - (djm) Bug #591: use PKCS#15 private key label as a comment in case
+ of OpenSC. Report and patch from larsch@trustcenter.de
+ - (djm) Bug #593: Sanity check OpenSC card reader number; patch from
+ aj@dungeon.inka.de
+ - (dtucker) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2003/06/23 09:02:44
+ [ssh_config.5]
+ document EnableSSHKeysign; bugzilla #599; ok deraadt@, jmc@
+ - markus@cvs.openbsd.org 2003/06/24 08:23:46
+ [auth2-hostbased.c auth2-pubkey.c auth2.c channels.c key.c key.h
+ monitor.c packet.c packet.h serverloop.c sshconnect2.c sshd.c]
+ int -> u_int; ok djm@, deraadt@, mouring@
+ - miod@cvs.openbsd.org 2003/06/25 22:39:36
+ [sftp-server.c]
+ Typo police: attribute is better written with an 'r'.
+ - markus@cvs.openbsd.org 2003/06/26 20:08:33
+ [readconf.c]
+ do not dump core for 'ssh -o proxycommand host'; ok deraadt@
+ - (dtucker) [regress/dynamic-forward.sh] Import new regression test.
+ - (dtucker) [configure.ac] Bug #570: Have ./configure --enable-FEATURE
+ actually enable the feature, for those normally disabled. Patch by
+ openssh (at) roumenpetrov.info.
+
+20030624
+ - (dtucker) Have configure refer the user to config.log and
+ contrib/findssl.sh for OpenSSL header/library mismatches.
+
+20030622
+ - (dtucker) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2003/06/21 09:14:05
+ [regress/reconfigure.sh]
+ missing $SUDO; from dtucker@zip.com.au
+ - markus@cvs.openbsd.org 2003/06/18 11:28:11
+ [ssh-rsa.c]
+ backout last change, since it violates pkcs#1
+ switch to share/misc/license.template
+ - djm@cvs.openbsd.org 2003/06/20 05:47:58
+ [sshd_config.5]
+ sync description of protocol 2 cipher proposal; ok markus
+ - djm@cvs.openbsd.org 2003/06/20 05:48:21
+ [sshd_config]
+ sync some implemented options; ok markus@
+ - (dtucker) [regress/authorized_keys_root] Remove temp data file from CVS.
+ - (dtucker) [openbsd-compat/setproctitle.c] Ensure SPT_TYPE is defined before
+ testing its value.
+
+20030618
+ - (djm) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2003/06/12 07:57:38
+ [monitor.c sshlogin.c sshpty.c]
+ typos; dtucker at zip.com.au
+ - djm@cvs.openbsd.org 2003/06/12 12:22:47
+ [LICENCE]
+ mention more copyright holders; ok markus@
+ - nino@cvs.openbsd.org 2003/06/12 15:34:09
+ [scp.c]
+ Typo. Ok markus@.
+ - markus@cvs.openbsd.org 2003/06/12 19:12:03
+ [scard.c scard.h ssh-agent.c ssh.c]
+ add sc_get_key_label; larsch at trustcenter.de; bugzilla#591
+ - markus@cvs.openbsd.org 2003/06/16 08:22:35
+ [ssh-rsa.c]
+ make sure the signature has at least the expected length (don't
+ insist on len == hlen + oidlen, since this breaks some smartcards)
+ bugzilla #592; ok djm@
+ - markus@cvs.openbsd.org 2003/06/16 10:22:45
+ [ssh-add.c]
+ print out key comment on each prompt; make ssh-askpass more useable; ok djm@
+ - markus@cvs.openbsd.org 2003/06/17 18:14:23
+ [cipher-ctr.c]
+ use license from /usr/share/misc/license.template for new code
+ - (dtucker) [reconfigure.sh rekey.sh sftp-badcmds.sh]
+ Import new regression tests from OpenBSD
+ - (dtucker) [regress/copy.1 regress/copy.2] Remove temp data files from CVS.
+ - (dtucker) OpenBSD CVS Sync (regress/)
+ - markus@cvs.openbsd.org 2003/04/02 12:21:13
+ [Makefile]
+ enable rekey test
+ - djm@cvs.openbsd.org 2003/04/04 09:34:22
+ [Makefile sftp-cmds.sh]
+ More regression tests, including recent directory rename bug; ok markus@
+ - markus@cvs.openbsd.org 2003/05/14 22:08:27
+ [ssh-com-client.sh ssh-com-keygen.sh ssh-com-sftp.sh ssh-com.sh]
+ test against some new commerical versions
+ - mouring@cvs.openbsd.org 2003/05/15 04:07:12
+ [sftp-cmds.sh]
+ Advanced put/get testing for sftp. OK @djm
+ - markus@cvs.openbsd.org 2003/06/12 15:40:01
+ [try-ciphers.sh]
+ add ctr
+ - markus@cvs.openbsd.org 2003/06/12 15:43:32
+ [Makefile]
+ test -HUP; dtucker at zip.com.au
+
+20030614
+ - (djm) Update license on fake-rfc2553.[ch]; ok itojun@
+
+20030611
+ - (djm) Mention portable copyright holders in LICENSE
+ - (djm) Put licenses on substantial header files
+ - (djm) Sync LICENSE against OpenBSD
+ - (djm) OpenBSD CVS Sync
+ - jmc@cvs.openbsd.org 2003/06/10 09:12:11
+ [scp.1 sftp-server.8 ssh.1 ssh-add.1 ssh-agent.1 ssh_config.5]
+ [sshd.8 sshd_config.5 ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8]
+ - section reorder
+ - COMPATIBILITY merge
+ - macro cleanup
+ - kill whitespace at EOL
+ - new sentence, new line
+ ssh pages ok markus@
+ - deraadt@cvs.openbsd.org 2003/06/10 22:20:52
+ [packet.c progressmeter.c]
+ mostly ansi cleanup; pval ok
+ - jakob@cvs.openbsd.org 2003/06/11 10:16:16
+ [sshconnect.c]
+ clean up check_host_key() and improve SSHFP feedback. ok markus@
+ - jakob@cvs.openbsd.org 2003/06/11 10:18:47
+ [dns.c]
+ sync with check_host_key() change
+ - djm@cvs.openbsd.org 2003/06/11 11:18:38
+ [authfd.c authfd.h ssh-add.c ssh-agent.c]
+ make agent constraints (lifetime, confirm) work with smartcard keys;
+ ok markus@
+
+
+20030609
+ - (djm) Sync README.smartcard with OpenBSD -current
+ - (djm) Re-merge OpenSC info into README.smartcard
+
20030606
- (dtucker) [uidswap.c] Fix setreuid and add missing args to fatal(). ok djm@